function reportComment() { if (JCommentsSecurity::badRequest() == 1) { JCommentsSecurity::notAuth(); } $acl =& JCommentsFactory::getACL(); $db =& JCommentsFactory::getDBO(); $config =& JCommentsFactory::getConfig(); $response =& JCommentsFactory::getAjaxResponse(); $values = JCommentsAJAX::prepareValues($_POST); $id = (int) $values['commentid']; $reason = trim(strip_tags($values['reason'])); $name = trim(strip_tags($values['name'])); $ip = $acl->getUserIP(); if ($reason == '') { JCommentsAJAX::showErrorMessage(JText::_('Please enter the reason for your report!'), '', 'comments-report-form'); return $response; } $query = 'SELECT COUNT(*) FROM `#__jcomments_reports` WHERE commentid = ' . $id; if ($acl->getUserId()) { $query .= ' AND userid = ' . $acl->getUserId(); } else { $query .= ' AND ip = "' . $ip . '"'; } $db->setQuery($query); $reported = $db->loadResult(); if (!$reported) { $query = 'SELECT COUNT(*) FROM `#__jcomments_reports` WHERE commentid = ' . $id; $db->setQuery($query); $reported = $db->loadResult(); if (!$reported) { $comment = new JCommentsDB($db); if ($comment->load($id)) { if ($acl->canReport($comment)) { $allowed = true; if ($config->getInt('enable_mambots') == 1) { require_once JCOMMENTS_HELPERS . DS . 'plugin.php'; JCommentsPluginHelper::importPlugin('jcomments'); JCommentsPluginHelper::trigger('onReportComment', array(&$comment, &$response, &$allowed, &$value)); } if ($allowed !== false) { if ($acl->getUserId()) { $user = JCommentsFactory::getUser(); $name = $user->name; } else { if ($name == '') { $name = JText::_('Guest'); } } $query = "INSERT INTO `#__jcomments_reports`(`commentid`,`userid`, `name`,`ip`,`date`,`reason`)" . "VALUES('" . $comment->id . "', '" . $acl->getUserId() . "', '" . $db->getEscaped($name) . "', '" . $db->getEscaped($ip) . "', now(), '" . $db->getEscaped($reason) . "')"; $db->setQuery($query); $db->query(); if ($config->getInt('enable_notification') == 1) { if ($config->check('notification_type', 2)) { $comment->datetime = $comment->date; if (is_string($comment->datetime)) { $comment->datetime = strtotime($comment->datetime); } JComments::sendReport($comment, $name, $reason); } } $html = JText::_('Report successfully sent!'); $html = str_replace("\n", '\\n', $html); $html = str_replace('\\n', '<br />', $html); $html = JCommentsText::jsEscape($html); $response->addScript("jcomments.closeReport('{$html}');"); } } else { JCommentsAJAX::showErrorMessage(JText::_('You have no rights to report comment!'), '', 'comments-report-form'); } } else { $response->addAlert(JText::_('ERROR_NOT_FOUND')); } unset($comment); } else { JCommentsAJAX::showErrorMessage(JText::_('Comment already reported to the site administrator'), '', 'comments-report-form'); } } else { JCommentsAJAX::showErrorMessage(JText::_('You can\'t report the same comment more than once!'), '', 'comments-report-form'); } return $response; }